New QuestionA security professional determines that a number of outsourcing contracts inherited from a previous merger do not adhere to the current security requirements. Which of the following BEST minimizes the risk of this happening again?

A. Define additional security controls directly after the mergerB. Include a procurement officer in the merger teamC. Verify all contracts before a merger occursD. Assign a compliancy officer to review the merger conditions

Answer: D

New QuestionWhich of the following is a direct monetary cost of a security incident?

A. MoraleB. ReputationC. EquipmentD. Information

Answer: C

New QuestionWhich of the following would MINIMIZE the ability of an attacker to exploit a buffer overflow?

A. Memory reviewB. Code reviewC. Message divisionD. Buffer division

Answer: B

New QuestionWhich of the following mechanisms will BEST prevent a Cross-Site Request Forgery (CSRF) attack?

A. Maximum number of entries available in an Access Control List (ACL)B. Fineness to which a trusted system can authenticate usersC. Number of violations divided by the number of total accessesD. Fineness to which an access control system can be adjusted

Answer: D

New QuestionWhich one of the following considerations has the LEAST impact when considering transmission security?

New QuestionA chemical plan wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade. Which of the following is the GREATEST impact on security for the network?

A. The network administrators have no knowledge of ICSB. The ICS is now accessible from the office networkC. The ICS does not support the office password policyD. RS422 is more reliable than Ethernet